TNW Sites

No, the new iOS 6.1 lock screen bypass bug does not allow access to your iPhone’s file system

Earlier today, word began getting around that there was a new way to bypass the iOS 6.1 lock screen and that this one was even worse, allowing full access to the user portion of the file system. Well, that’s not exactly true, as we’ve uncovered with some simple tests.

The lock screen bug does in fact exist, and it works as advertised, bypassing the lock and bringing you to a blank black screen with just the status bar. But it allows you no access to anything, not pictures, not contacts and certainly not the file system.

This ‘bug’ does not change that behavior. Though it appears as if the lock has been fully ‘bypassed’, it does not change the fact that the file system is still encrypted and unreachable.

Once an iPhone has been connected to a computer and unlocked once, its file system is always viewable by that machine, regardless of passcode status. Don’t shoot the messenger if you don’t like this behavior, that’s just the way it is. But, what it means is that this bypass method could only show the file system if it had previously been plugged into that computer while unlocked.

If the researchers had bothered to plug it into a machine that had never been connected to that device before, then they would have been unable to access the file system. They would have been presented with an error message by iTunes and by any file explorer utility.

To demonstrate, here is an iPhone with a passcode enabled and the bypass trick done on it connected to a new computer for the first time. No dice on reading it, you can see the iTunes error message there:

Here’s a closer look at the message:

And here’s what happens when you unlock it, allow the computer to register the device and then ‘lock’ it again. Voila, access (you can see the iTunes restore dialog):

In short, in order to gain access to your iPhone’s file system, someone would need your computer and your phone. And if they’ve got both of those, you have bigger problems than someone getting access to your saved games.

All that aside, there is still two ways to bypass a passcode now in the clear, and that shouldn’t be. Apple needs to fix them and has already begun testing fixes for the next version of iOS 6.